Security and Compliance for VMware Cloud Foundation provides guidance for auditors who would want to evaluate their VMware Cloud Foundation environment. You can leverage SDDC benchmarks and regulatory frameworks available under VMware Cloud Foundation to be able to assess individual SDDC components based on needed benchmarks or regulatory frameworks of your choice.
VCF Audit Guide
Compliance Kit for VMware Cloud Foundation is a solution that builds on top of VMware Cloud Foundation and leverages security fundamentals. The kit addresses the top ten most frequently requested compliance standards, regulations, and frameworks.
The compliance kit is designed and validated to tailor security configurations without impacting the ability of VMware Cloud Foundation to meet its design objectives. The kit can assist organizations to secure information systems in a compliance context.
The VCF Audit Guide is part of the Compliance Kit for VMware Cloud Foundation and can be used to evaluate both default and non-default configurations. For more information, see the topic, Compliance Kit for VMware Cloud Foundation in the VMware Cloud Foundation Product Documentation.
The .xlsx file, that is based on the VCF Audit Guide, containing a collection of all compliance conditions required for assessing compliance of VCF environments is available in the KB article: KB94849.
- VCF 4.2 Audit Guide
- VCF 4.3 Audit Guide
- VCF 4.4 Audit Guide
- ESXi,
- SDDC Manager,
- vCenter Server,
- vSAN
- NSX
- VMware Distributed Virtual Switch
- VMware Adapter Instance
- Virtual Machine
- Host System
- Logical Router
- NSX
- NSX Manager Service
- Logical Switch
- Management Cluster
- VCF Adapter Instance
- vSAN
- DC
- Cluster